Lucene search

HistoryApr 25, 2014 - 2:15 p.m.

CVE-2012-4230

2014-04-2514:15:30

CWE-264

web.nvd.nist.gov

cve-2012-4230

bbcode plugin

tinymce 3.5.8

cross-site scripting

xss

security policy

encoding directive

valid_elements attribute

nvd

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

CPENameOperatorVersion
tinymce:tinymcetinymceeq3.5.8

CPE	Name	Operator	Version
tinymce:tinymce	tinymce	eq	3.5.8

References

osvdb.org/91130

packetstormsecurity.com/files/120750/TinyMCE-3.5.8-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2013/Mar/114

www.madirish.net/554

www.securityfocus.com/bid/58424

exchange.xforce.ibmcloud.com/vulnerabilities/82744